Re: Going from simple to super CAPTCHA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2007-06-11 at 13:29 -0400, Robert Cummings wrote:
> On Mon, 2007-06-11 at 18:57 +0200, Tijnema wrote:
> > On 6/11/07, Jim Lucas <lists@xxxxxxxxx> wrote:
> > > Tijnema wrote:
> > > > On 6/11/07, Robert Cummings <robert@xxxxxxxxxxxxx> wrote:
> 
> > >
> > > not if you are morphing/changing the image each page load.
> > >
> > <snip>
> > >
> > > remember, change height, width, color depth, plus all possible morphing and you are talking about a
> > > lot of images.
> > >
> >
> > Convert image to fixed width + fixed height + default depth, then do
> > some work on it :P
> 
> A lot of people have already commented on why you can't provide the
> answers in a radio or select list so I want answer those again. As
> Others have already mentioned it's not an easy task to fingerprint the
> images either since there are multiple problems at play for someone
> attempting to do so. First off, we are using multiple backgrounds with
> the icons placed on the backgrounds. To fingerprint you need to know
> what the icons are on the background. You can't just fingerprint the
> entire CAPTCHA because you the backgorund can change and so too can the
> order and position of the icon. Additionally, by distorting the icon to
> some degree, varying blending with background, colour, softness,
> pixelation, etc the entire image becomes unique. Also even if for some
> ungodly reason two images were generated with the exact same fingerprint
> (unlikely as hell), the question might be different. One question might
> ask what animal do you see? The other might say how many fish do you
> see? As such there are multiple solutions to a single CAPTCHA but only
> one is the answer based on the challenge posed.

BTW, just crunching my brain a bit, to get past spelling issues, you
could place a 5-digit (or something similar) number under each icon that
would be highly visible and clear (unlike currently captcha text) and
that would be what the user would input instead of the name. Similarly
for audio captcha, you would just read a 5 digit number after each
option... audio captcha would probably require listeners to listen at
least twice, once to get an overview of the information, the second to
locate the pertinent number to input.

One problem might be that the placement of such a number might make it
possible for hackers to home in on the pertinent information easier.

Cheers,
Rob.
-- 
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for       |
| creating re-usable components quickly and easily.          |
`------------------------------------------------------------'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux